<!--
Copyright 2004 - 2013 Wayne Grant
          2013 - 2017 Kai Kramer

This file is part of KeyStore Explorer.

KeyStore Explorer is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

KeyStore Explorer is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with KeyStore Explorer.  If not, see <http://www.gnu.org/licenses/>.
-->
<html>
    <head>
        <title>Import a CA Reply</title>
        <link rel=stylesheet href="help.css" type="text/css">
    </head>

    <body>

        <h1>Import a CA Reply</h1>
        <hr>

        To import a CA Reply into a Key Pair:

        <ol>
            <li>Right-click on the Key Pair entry in the KeyStore Entries
                table.  Select <b>Import CA Reply</b> -> <b>From File</b> or
                <b>From Clipboard</b> from the pop-up menu.</li>

            <br>

            <li>If required the <b>Unlock Entry</b> dialog will be displayed.
                Enter the Key Pair entry's password and press the <b>OK</b> button.</li>

            <br>

            <li>The <b>Import CA Reply</b> dialog will appear.</li>

            <br>

            <li>Select the drive and folder where the CA Reply file is stored.</li>

            <br>

            <li>Click on the required CA Reply file or type the filename
                into the <b>File Name</b> text box.</li>

            <br>

            <li>Click on the <b>Import</b> button.</li>

            <br>

            <li>If the <a href="trustChecksConfig.html">Import CA Reply Trust Check</a>
                is enabled and the CA Reply file contains a single certificate:</li>

            <ul>
                <li>If KeyStore Explorer can establish a trust path between
                    the certificate and an existing self-signed Trusted
                    Certificate in your KeyStore or the
                    <a href="authorityCertificatesConfig.html">Authority Certificates</a>
                    then the import will continue.
                    Otherwise it will fail at this point.</li>
            </ul>

            <li>Alternatively if the <a href="trustChecksConfig.html">Import CA Reply Trust Check</a>
                is enabled and the CA Reply file contains a chain of certificates:</li>

            <ol>
                <li>KeyStore Explorer will attempt to match the reply's root CA
                    to an existing Trusted Certificate in your KeyStore or the
                    <a href="authorityCertificatesConfig.html">Authority Certificates</a>.</li>

                <br>

                <li>If it cannot then the <b>Certificate Details</b> dialog will appear
                    displaying the details of the reply's root CA certificate for you to
                    verify.</li>

                <br>

                <li>After viewing the details close the dialog by pressing the
                    <b>OK</b> button.</li>

                <br>

                <li>A further dialog will appear asking if you wish accept the
                    certificate.</li>

                <br>

                <li>Press the <b>Yes</b> button if you wish to trust the certificate
                    and import the CA Reply and <b>No</b> if you do not. If you reply
                    <b>No</b> the import will fail at this point.</li>
            </ol>

            <li>The Key Pair entry will be updated to reflect the content of the CA Reply.</li>

        </ol>

        <hr>

        <center><small>Copyright 2004 - 2013 Wayne Grant, 2013 - 2017 Kai Kramer</small></center>

    </body>
</html>
